[***] Summary: [***]
7 new Open, 27 new Pro (7 + 20). eCh0raix, Cobalt Group, Olive62 ELF, Various Phish.
Thanks: Kevin Ross
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
Open:
2027699 - ET CURRENT_EVENTS Successful Generic Miarroba Phish 2019-07-11 (current_events.rules)
2027700 - ET TROJAN Amadey CnC Check-In (trojan.rules)
2027701 - ET TROJAN eCh0raix/QNAPCrypt CnC Activity - Started (trojan.rules)
2027702 - ET TROJAN eCh0raix/QNAPCrypt CnC Activity - Done (trojan.rules)
2027703 - ET POLICY Socks5 Proxy to Onion (set) (policy.rules)
2027704 - ET TROJAN eCh0raix/QNAPCrypt Requesting Key/Wallet/Note (trojan.rules)
2027705 - ET TROJAN eCh0raix/QNAPCrypt Successful Server Response (trojan.rules)
Pro:
2837455 - ETPRO TROJAN ELF/Olive62 Reporting Infection (trojan.rules)
2837456 - ETPRO POLICY Observed Suspicious SSL Cert (CN Value (none)) (policy.rules)
2837457 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-07-11) (current_events.rules)
2837458 - ETPRO CURRENT_EVENTS Successful Standard Chartered Bank Phish 2019-07-11 (current_events.rules)
2837459 - ETPRO CURRENT_EVENTS Successful Standard Chartered Bank Phish 2019-07-11 (current_events.rules)
2837460 - ETPRO CURRENT_EVENTS Successful Standard Chartered Bank Phish 2019-07-11 (current_events.rules)
2837461 - ETPRO TROJAN SSL/TLS Certificate Observed (Cobalt Group) (trojan.rules)
2837462 - ETPRO TROJAN SSL/TLS Certificate Observed (Cobalt Group) (trojan.rules)
2837463 - ETPRO CURRENT_EVENTS Successful Telstra Webmail Phish 2019-07-11 (current_events.rules)
2837464 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-07-11 (current_events.rules)
2837465 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-07-11 (current_events.rules)
2837466 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-11 (current_events.rules)
2837467 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-07-11 (current_events.rules)
2837468 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-11 1) (trojan.rules)
2837469 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-11 2) (trojan.rules)
2837470 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-11 3) (trojan.rules)
2837471 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-11 4) (trojan.rules)
2837472 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-07-11 (current_events.rules)
2837473 - ETPRO TROJAN Vidar/Arkei/Megumin Stealer Keywords Retrieved (trojan.rules)
2837474 - ETPRO POLICY Suspicious Localhost SSL/TLS Certificate Observed (policy.rules)
[///] Modified active rules: [///]
2835950 - ETPRO TROJAN Cryptbot Exfiltrating System Data (trojan.rules)
[---] Disabled rules: [---]
2833502 - ETPRO TROJAN Amadey CnC Check-In (trojan.rules)